summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gentoobrowse/request/doconfirm.xml5
-rw-r--r--gentoobrowse/request/dologin.xml13
-rw-r--r--gentoobrowse/request/dosignup.xml10
-rw-r--r--gentoobrowse/request/track.xml8
4 files changed, 8 insertions, 28 deletions
diff --git a/gentoobrowse/request/doconfirm.xml b/gentoobrowse/request/doconfirm.xml
index 6b8eed8..a811408 100644
--- a/gentoobrowse/request/doconfirm.xml
+++ b/gentoobrowse/request/doconfirm.xml
@@ -7,11 +7,8 @@
<sql>
SELECT COUNT(*)
FROM users
- WHERE verifyguid = ?
+ WHERE verifyguid = <param source="param" name="verifyguid" />
</sql>
- <parameters>
- <param name="0"><value source="param" name="verifyguid" /></param>
- </parameters>
</project2:sqlcheck>
<project2:iterate datasource="postgres-web" name="getUidFromDatabase" source="users" filter="verifyguid">
<parameters>
diff --git a/gentoobrowse/request/dologin.xml b/gentoobrowse/request/dologin.xml
index 1194bab..34466eb 100644
--- a/gentoobrowse/request/dologin.xml
+++ b/gentoobrowse/request/dologin.xml
@@ -15,25 +15,18 @@
<sql>
SELECT COUNT(*)
FROM users
- WHERE username = ?
- AND userpassword = ?
+ WHERE username = <param source="param" name="username" />
+ AND userpassword = <param source="param" name="password" />
</sql>
- <parameters>
- <param name="0"><value source="param" name="username" /></param>
- <param name="1"><value source="param" name="password" /></param>
- </parameters>
</project2:sqlcheck>
<project2:sqlcheck datasource="postgres-web" testOp="=" testValue="1" present="confirm" name="checkConfirmed">
<message>Confirmation code required</message>
<sql>
SELECT COUNT(*)
FROM users
- WHERE username = ?
+ WHERE username = <param source="param" name="username" />
AND verifyguid IS NULL
</sql>
- <parameters>
- <param name="0"><value source="param" name="username" /></param>
- </parameters>
</project2:sqlcheck>
<project2:iterate datasource="postgres-web" name="getUidFromDatabase" source="users" filter="username">
<parameters>
diff --git a/gentoobrowse/request/dosignup.xml b/gentoobrowse/request/dosignup.xml
index 7b515f9..e59304a 100644
--- a/gentoobrowse/request/dosignup.xml
+++ b/gentoobrowse/request/dosignup.xml
@@ -14,22 +14,16 @@
<sql>
SELECT COUNT(*)
FROM users
- WHERE username = ?
+ WHERE username = <param source="param" name="username" />
</sql>
- <parameters>
- <param name="0"><value source="param" name="username" /></param>
- </parameters>
</project2:sqlcheck>
<project2:sqlcheck datasource="postgres-web" testOp="=" testValue="0" present="signup" name="freeEmail">
<message>Email address already used</message>
<sql>
SELECT COUNT(*)
FROM users
- WHERE useremail = ?
+ WHERE useremail = <param source="param" name="email" />
</sql>
- <parameters>
- <param name="0"><value source="param" name="email" /></param>
- </parameters>
</project2:sqlcheck>
<project2:sqltask datasource="postgres-web" name="insertUser">
<sql>INSERT INTO users(username, userrealname, userpassword, useremail, verifyguid)
diff --git a/gentoobrowse/request/track.xml b/gentoobrowse/request/track.xml
index 41eb328..204bc03 100644
--- a/gentoobrowse/request/track.xml
+++ b/gentoobrowse/request/track.xml
@@ -5,13 +5,9 @@
<sql>
SELECT COUNT(*)
FROM user_packages
- WHERE packageid = ?
- AND userid = ?
+ WHERE packageid = <param source="param" name="packageid" />
+ AND userid = <param source="session" name="loggedInUserID" />
</sql>
- <parameters>
- <param name="0"><value source="param" name="packageid" /></param>
- <param name="1"><value source="session" name="loggedInUserID" /></param>
- </parameters>
</project2:sqlcheck>
<project2:sqltask datasource="postgres-web" name="addTrack">
<sql>INSERT INTO user_packages(packageid, userid, trackedsince) VALUES(